-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 > I don't believe that most ISPs routinely do traffic flow analysis on > their users. If they did, they would have implemented proper egress > filtering many years ago. The fact that they haven't suggests that they > really don't care, in general.
Perhaps, but a state level adversary can trivially make them care. The fact that the hardware and software is already in use at some ISPs means that its cost is not in the billion dollar range. TBH I'd be suprised if most ISPs couldn't handle the necessary detection with a fast x86 box in promiscuous mode. Telcos pushing GBps would of course need the dedicated hardware, but, as CALEA's backdoors have shown us, hardware vendors have no problem adding in custom features like that when there's a demand. Whats another grand when you're upgrading your 150k router anyway? Especially when required to by law. All it takes is a reason to do it, and a few smart coders. The state can provide both. =jr -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFDTT65WYfZ3rPnHH0RArrrAJ4y48eZm07BzotcmQ2PB4wbDWfagwCfdzc8 VkJYkwpbYnlFm+44zDUZHII= =peKp -----END PGP SIGNATURE-----
